Category: Security

  • Warner Bros and 180solutions….

    I think somewhere along the line, Warner Bros missed the memo that 180solutions is not a brand that many people would jump to associate with. Apparently 180solutions has started making two Warner Bros shows (a soap opera and an animated series) available for download on some of their sites, including Zango. Of course, the episodes come with bundled adware downloads which, I’m sure, “enhance your web browsing experience” by popping up relevant ad windows on your desktop.

    (more…)

  • Exploit Prevention in software

    There’s been a lot of talk about hardware-enforced DEP as a mitigating factor in some of the exploits in the last six months. There’s also a new software product that can limit the impact of zero-day exploits. The software is for Windows and is called SocketShield. Suzi at Spyware Confidential has taken it for a test drive on an unpatched XP system through some nasty exploit sites….

    (more…)

  • Would you trust antispyware that installed adware?

    There are a couple of stories on SpywareCleaner’s recent practice of bundling WhenU with the free version of their “antispyware scanner”. According to Spyware Confidential, SpywareCleaner made the rogue antispyware products list and was delisted after they corrected some “issues”. Now, they’ve been relisted due to the adware bundling of WhenU Save.

    (more…)

  • Clickbot – new bot tactic…

    There is a new twist on the bot networks that have been the plague of computing in recent years. This one is called ClickBot. The story is from Incidents.org. Many sites (like this one) use AdSense to “monetize their content”. The idea is that advertisers bid on “clicks”. So, if I wanted to advertise on the keywords “asheville computer repair” I might bid 5 cents for every click on one of my ads. The problem is many content owners are less than scrupulous.

    (more…)

  • Search engines to blame for malware spread?

    There are a couple of news stories about a McAfee SiteAdvisor report on the search engines’ responsibility for sites that distribute malware.

    McAfee said Friday that the epidemic of spyware and viruses could be linked to search engines. According to research from the company, even seemingly benign search terms could bring up sites loaded with nasty payloads.

    The study looked at the five major search engines — Google, Yahoo, MSN, AOL, and Ask — and covered a period from January through April. Researchers found that in every search engine, popular keywords returned sites that could be potentially dangerous.

    What’s worse, in popular keywords such as “free screensavers,” “digital music,” “popular software,” and “singers,” as much as 72 percent of the returned results contained some kind of risky link.

    (more…)

  • Diebold Voting machine vulnerabilities

    Freedom to Tinker brings us this BIG problem. I guess what concerns me most about this is, the way I see it, voter fraud has pretty much gone on since there have been elections. Let’s face it, there is always someone, acting officially or not, that will jockey for the best advantage for their candidate. If that means “helping” someone cast a ballot, or contesting a hanging chad… it cuts both ways, no party has clean hands in this. (Even if it’s something that is done by someone acting on their own, I would say it reflects back on the party.) Anyway… up until now I’ve seen voter fraud as something that is hard to really successfully accomplish on a VERY large scale, AND with assurance of results. With electronic voting machines, I’m afraid there may be a revolution in MASS voter fraud.

    (more…)

  • Federal requirement to disclose database security breaches?

    Fines and prison time are among the penalties envisioned under a proposed House bill. The requirement would be that businesses with databases holding information on more than 10,000 people (or federal employees) would have to inform either the Secret Service or the FBI of a data security breach. (The maximum sentence would be five years.) Now, on my first read of this, I thought, well sure – any company should disclose the possible loss, theft, or breach of a database holding customer data. I still think that… but I don’t know that the focus of penalty is on the right shoulders.

    (more…)

  • Interesting spyware push download tactic…

    Incidents.org has another interesting post about a spyware site. One of the handlers ran across it while doing a search for an educational institution. (They’ve used a wildcard in the DNS record so that they can get traffic to {fillinkeyword}.nastydomain.com) Anyway… the main page tries to install WinAntiSpyware2006FreeInstall.cab from WinSoftware Corporation, Inc. It gives the little ActiveX control popdown bar and insists that it must be installed to view the page properly. But that’s not the most interesting part…

    (more…)

  • Antispyware products put to a test

    There is no doubt that spyware is a problem, but when a vendor of anti-spyware software claims 87% of PCs have on average 34 pieces of spyware per machine installed… you do have to wonder. And when they blame that in part on FREE anti-spyware software…

    “Security analysts blame this increasing infection rate on the adoption of free anti-spyware programs that use outdated technology and don’t provide immediate threat definitions to combat against new and emerging threats. To guard against new spyware programs, home computer users must use an anti-spyware program with frequent definition updates and engines that are capable of removing the toughest spyware from deep within the operating system. Unfortunately, users who only install free anti-spyware programs do not get access to frequently updated definitions and versions.”

    (more…)

  • Detecting Rootkits on a Linux machine

    Rootkits are a piece (or pieces) of software that someone can use once a system is compromised to a) regain access to the system, b) remove traces of the compromise, and c) many times hide the rootkit itself. There are some tools for Linux-based systems that can be run to detect traces of rootkits, and probably the best known is a tool called chkrootkit. I’ve known of it for what seems like years now and it can run a relatively quick test for traces of a wide range of KNOWN Linux rootkits.

    (more…)